People of India are among the most affected by Shlayer
Shlayer spread out via a partner network, entertainment websites, Wikipedia
The malware specializes in the insulation of adware
A smart malware distribution system, Shlayer spreads via a partner network, entertainment websites and even Wikipedia, explaining that even users that only visit legal sites still need extra protection online.
Top countries wherever users have been affected by the threat include the US (31 percent), India (18.9 percent), Germany (14 percent), France (10 percent) and the UK (10 percent), according to the statement.
“The macOS platform is a good source of revenue for cybercriminals, who are constantly looking for new ways to deceive users, and actively use social engineering techniques to spread their malware. This case demonstrates that such threats can be found even on legitimate sites,” told Anton Ivanov, Kaspersky Security Analyst.
“Luckily for macOS users, the most widespread threats that target macOS currently revolve around feeding illicit advertising rather than something more dangerous, such as stealing financial data,” Ivanov told.
Shlayer’s share among all attacks on macOS devices registered by Kaspersky products in January – November 2019 amounted to roughly a third, with almost all another top 10 macOS threats doing the adware that Shlayer installs: AdWare.OSX.Bnodlero, AdWare. OSX.Geonei, AdWare.OSX.Pirrit and AdWare.OSX.Cimpli.
The infection process often consists of two phases – first the user installs Shlayer, then the malware installs a chosen type of adware. Device infection, however, starts with an accidental user downloading the malicious programme.
To achieve installations, the threat actor behind Shlayer sets up a malware distribution system with several channels leading users to download the malware.
Kaspersky announced in 2019 it blocked attacks carried out by Shlayer at least once on every 10th device using Kaspersky Solutions for Mac.
“A good web security solution can protect users from threats such as these, making the experience of searching the web safe and pleasant,” told Ivanov.